What are the primary online security threats?
Most security threats are performed by attackers using a relatively small number of vulnerabilities. The attackers who are relatively opportunistic, embark on the path of the least resistance and continue to use these most common failures rather than looking for new exploitation or taking advantage of more difficult. Fortunately, in many cases, their predictability makes it easier to prevent the attack from following several simple rules:
- until it is available, apply regular updates and repairs.
- Use security software and hardware such as firewalls and authentication servers.
- Do not use default passwords and other values that are provided by your software.
- Web servers and services. HTTP default servers have had several vulnerabilities for the past few years have been released and numerous patches. Make sure they are all your patchesCurrent and do not use default configurations or default demonstration applications. These vulnerabilities can lead to attacks on the rejection of the service and other types of threats.
- Workstation Service.
- Windows Remote Access Services. In most systems, different methods of remote access are included by default. These systems can be very useful, but also very dangerous, and an attacker with the right tools can easily get control of the host.
- Microsoft SQL Server (MSSQL). There are several vulnerabilities in MSSQL that could allow the attacker to get information from the database or compromise the server. In addition to using all the latest patches, enabling the SQL server authentive cations and server security at the network level and the system will prevent most of these attacks.
- Windows verification. Most Windows uses passwords, but passwords can easily be guess or stolen. Creating stronger and more difficult judgesNIP Passwords, not using default passwords and adhere to the recommended password policies will prevent password attacks.
- web browsers. Your Internet window, the web browser contains a lot of vulnerability. Common exploitation may include the publication of "cookies" with personal data, the performance of Rogue Code, which could endanger the system and exposure to locally stored files. Configuration of browser security settings for settings higher than the default value prevents most web browser attacks.
- file sharing app. peer-to-peer (P2P) programs are commonly used to share files. In the P2P system, computers are open to others in the P2P network to allow all participants to seek and download files from each other. Many corporations prohibit the use of P2P networks due to the obvious risk of endangered data.
- LSAS exposure. The Local Windows Security Office (LSAS) subsystem has a critical overflow overflow overflow,which the attacker can use to get control of the system. The correct configuration and the use of patches will again prevent most exploitation.
- mail client. The attackers can use a postal client on a computer to spread worms or viruses and include them as attachments to e -mails. Configuration of the postal server adequately and blocking attachments, such as .exe or .vbs files will prevent most of the clients' attacks.
- fast sending messages. IM configuration correctly, apply all the latest patches, and take control of any transfers of files that occur during IM will prevent most attacks.
IN OTHER LANGUAGES